Revert "Reland "Adds icon loading service with sandbox for Windows.""

This reverts commit 2621701f.

Reason for revert:

Findit (https://goo.gl/kROfz5) identified CL at revision 780382 as the
culprit for failures in the build cycles as shown on:
https://analysis.chromium.org/waterfall/culprit?key=ag9zfmZpbmRpdC1mb3ItbWVyRAsSDVdmU3VzcGVjdGVkQ0wiMWNocm9taXVtLzI2MjE3MDFmMTc0YTFmMWVmMWMyOGE0N2QzZDY3OWE3YjMzZDA0NzMM

Sample Failed Build: https://ci.chromium.org/b/8877036858738311632

Sample Failed Step: compile

Original change's description:
> Reland "Adds icon loading service with sandbox for Windows."
> 
> This is a reland of c3de1340
> 
> Original change's description:
> > Adds icon loading service with sandbox for Windows.
> >
> > Adds a new |SandboxType::kIconReader| with token and integrity
> > levels that allow PrivateExtractIcon to do its thing. The service is
> > only used for PE files which, as a complex format, should not
> > be parsed in the browser. Other icons are found based only on a
> > file's extension. These are handled in the browser as this is both
> > faster and allows a tighter sandbox to be applied to the PE file
> > parsing. PrivateExtractIcon (a documented but discouraged Windows API)
> > is used instead of SHGetFileInfo as SHGetFileInfo requires COM
> > which considerably weakens sandboxing.
> >
> > Adds basic icon loading test for all platforms.
> >
> > A follow-on CL will add a fallback for PE files for which no embedded
> > icon is available.
> >
> > Testing: adds a unit test for groups, plus
> > manual testing on Windows 7 x86 and Windows 10 x64.
> >
> > Bug: 1032250
> > Change-Id: I6975e5612d8b6f35e3216a67fc98592a45895c1b
> > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1987273
> > Commit-Queue: Alex Gough <ajgo@chromium.org>
> > Reviewed-by: Robert Liao <robliao@chromium.org>
> > Reviewed-by: Will Harris <wfh@chromium.org>
> > Reviewed-by: Avi Drissman <avi@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#779502}
> 
> TBR=robliao@chromium.org
> 
> Bug: 1032250
> Change-Id: I7b5bd3c66ff7c6935939c1f21ef9c45384183522
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2252842
> Reviewed-by: Avi Drissman <avi@chromium.org>
> Reviewed-by: Will Harris <wfh@chromium.org>
> Reviewed-by: Alex Gough <ajgo@chromium.org>
> Commit-Queue: Alex Gough <ajgo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#780382}


Change-Id: I367d0f5483f93f8ccb78f1e5d79a54dabfb6373a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 1032250
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2254899
Cr-Commit-Position: refs/heads/master@{#780404}

chrome/browser/BUILD.gn

@@ -4129,8 +4129,6 @@ static_library("browser") {
       "sync/roaming_profile_directory_deleter_win.h",
       "taskbar/taskbar_decorator_win.cc",
       "taskbar/taskbar_decorator_win.h",
-      "win/icon_reader_service.cc",
-      "win/icon_reader_service.h",
       "win/parental_controls.cc",
       "win/parental_controls.h",
       "win/util_win_service.cc",

chrome/browser/chrome_content_browser_client.cc

@@ -3740,7 +3740,6 @@ base::string16 ChromeContentBrowserClient::GetAppContainerSidForSandboxType(
     case service_manager::SandboxType::kPdfConversion:
     case service_manager::SandboxType::kSharingService:
     case service_manager::SandboxType::kVideoCapture:
-    case service_manager::SandboxType::kIconReader:
       // Should never reach here.
       CHECK(0);
       return base::string16();

chrome/browser/icon_loader.cc

@@ -40,11 +40,9 @@ IconLoader::IconLoader(const base::FilePath& file_path,
 
 IconLoader::~IconLoader() {}
 
-#if !defined(OS_WIN)
 void IconLoader::ReadGroup() {
   group_ = GroupForFilepath(file_path_);
 
   GetReadIconTaskRunner()->PostTask(
       FROM_HERE, base::BindOnce(&IconLoader::ReadIcon, base::Unretained(this)));
 }
-#endif  // !defined(OS_WIN)

chrome/browser/icon_loader.h

@@ -72,11 +72,6 @@ class IconLoader {
 
   void ReadGroup();
   void ReadIcon();
-#if defined(OS_WIN)
-  // Reads an icon in a sandboxed service. Use this when the file itself must
-  // be parsed.
-  void ReadIconInSandbox();
-#endif
 
   // The traits of the tasks posted to base::ThreadPool by this class. These
   // operations may block, because they are fetching icons from the disk, yet

chrome/browser/icon_loader_browsertest.cc

-// Copyright 2020 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "base/files/file_path.h"
-#include "base/macros.h"
-#include "base/path_service.h"
-#include "base/run_loop.h"
-#include "build/build_config.h"
-#include "chrome/browser/icon_loader.h"
-#include "chrome/test/base/in_process_browser_test.h"
-#include "content/public/test/browser_test.h"
-#include "mojo/public/cpp/bindings/remote.h"
-#include "ui/gfx/image/image.h"
-
-using IconLoaderBrowserTest = InProcessBrowserTest;
-
-class TestIconLoader {
- public:
-  explicit TestIconLoader(base::OnceClosure quit_closure)
-      : quit_closure_(std::move(quit_closure)) {}
-
-  ~TestIconLoader() {
-    if (!quit_closure_.is_null()) {
-      std::move(quit_closure_).Run();
-    }
-  }
-
-  bool load_succeeded() const { return load_succeeded_; }
-
-  bool TryLoadIcon(const base::FilePath& file_path, IconLoader::IconSize size) {
-    // |loader| is self deleting. |this| will live as long as the
-    // test.
-    auto* loader = IconLoader::Create(
-        file_path, size,
-        base::BindOnce(&TestIconLoader::OnIconLoaded, base::Unretained(this)));
-    loader->Start();
-    return true;
-  }
-
- private:
-  void OnIconLoaded(gfx::Image img, const IconLoader::IconGroup& group) {
-    if (!img.IsEmpty())
-      load_succeeded_ = true;
-    Quit();
-  }
-
-  void Quit() {
-    EXPECT_FALSE(quit_closure_.is_null());
-    std::move(quit_closure_).Run();
-  }
-
-  bool load_succeeded_ = false;
-  base::OnceClosure quit_closure_;
-
-  DISALLOW_COPY_AND_ASSIGN(TestIconLoader);
-};
-
-const base::FilePath::CharType kGroupOnlyFilename[] =
-    FILE_PATH_LITERAL("unlikely-to-exist-file.txt");
-
-#if !(defined(OS_LINUX) && defined(MEMORY_SANITIZER))
-// Under GTK, the icon providing functions do not return icons.
-IN_PROC_BROWSER_TEST_F(IconLoaderBrowserTest, LoadGroup) {
-  // Test that an icon for a file type (group) can be loaded even
-  // where a file does not exist. Should work cross platform.
-  base::RunLoop runner;
-
-  TestIconLoader test_loader(runner.QuitClosure());
-
-  test_loader.TryLoadIcon(base::FilePath(kGroupOnlyFilename),
-                          IconLoader::NORMAL);
-
-  runner.Run();
-  EXPECT_TRUE(test_loader.load_succeeded());
-}
-#endif  // !(defined(OS_LINUX) && defined(MEMORY_SANITIZER))
-
-#if defined(OS_WIN)
-IN_PROC_BROWSER_TEST_F(IconLoaderBrowserTest, LoadExeIcon) {
-  base::RunLoop runner;
-
-  TestIconLoader test_loader(runner.QuitClosure());
-
-  base::FilePath exe_path;
-  base::PathService::Get(base::FILE_EXE, &exe_path);
-  test_loader.TryLoadIcon(exe_path, IconLoader::NORMAL);
-
-  runner.Run();
-  EXPECT_TRUE(test_loader.load_succeeded());
-}
-#endif  // OS_WIN

chrome/browser/icon_loader_win.cc

@@ -8,114 +8,14 @@
 #include <shellapi.h>
 
 #include "base/bind.h"
-#include "base/callback.h"
-#include "base/files/file_path.h"
 #include "base/task/thread_pool.h"
 #include "base/threading/thread.h"
-#include "chrome/browser/win/icon_reader_service.h"
-#include "chrome/services/util_win/public/mojom/util_read_icon.mojom.h"
-#include "content/public/browser/browser_task_traits.h"
-#include "content/public/browser/browser_thread.h"
+#include "third_party/skia/include/core/SkBitmap.h"
 #include "ui/display/win/dpi.h"
 #include "ui/gfx/geometry/size.h"
 #include "ui/gfx/icon_util.h"
 #include "ui/gfx/image/image_skia.h"
 
-namespace {
-// Helper class to manage lifetime of icon reader service.
-class IconLoaderHelper {
- public:
-  static void ExecuteLoadIcon(
-      base::FilePath filename,
-      chrome::mojom::IconSize size,
-      scoped_refptr<base::SingleThreadTaskRunner> target_task_runner,
-      IconLoader::IconLoadedCallback icon_loaded_callback);
-
-  IconLoaderHelper(base::FilePath filename, chrome::mojom::IconSize size);
-
- private:
-  void StartReadIconRequest();
-  void OnConnectionError();
-  void OnReadIconExecuted(const gfx::ImageSkia& icon,
-                          const base::string16& group);
-
-  using IconLoaderHelperCallback =
-      base::OnceCallback<void(gfx::Image image,
-                              const IconLoader::IconGroup& icon_group)>;
-
-  void set_finally(IconLoaderHelperCallback finally) {
-    finally_ = std::move(finally);
-  }
-
-  mojo::Remote<chrome::mojom::UtilReadIcon> remote_read_icon_;
-  base::FilePath filename_;
-  chrome::mojom::IconSize size_;
-  // This callback owns the object until work is done.
-  IconLoaderHelperCallback finally_;
-
-  SEQUENCE_CHECKER(sequence_checker_);
-
-  DISALLOW_COPY_AND_ASSIGN(IconLoaderHelper);
-};
-
-void IconLoaderHelper::ExecuteLoadIcon(
-    base::FilePath filename,
-    chrome::mojom::IconSize size,
-    scoped_refptr<base::SingleThreadTaskRunner> target_task_runner,
-    IconLoader::IconLoadedCallback icon_loaded_callback) {
-  // Self-deleting helper manages service lifetime.
-  auto helper = std::make_unique<IconLoaderHelper>(filename, size);
-  auto* helper_raw = helper.get();
-  // This callback owns the helper and extinguishes itself once work is done.
-  auto finally_callback = base::BindOnce(
-      [](std::unique_ptr<IconLoaderHelper> helper,
-         IconLoader::IconLoadedCallback icon_loaded_callback,
-         scoped_refptr<base::SingleThreadTaskRunner> target_task_runner,
-         gfx::Image image, const IconLoader::IconGroup& icon_group) {
-        target_task_runner->PostTask(
-            FROM_HERE, base::BindOnce(std::move(icon_loaded_callback),
-                                      std::move(image), icon_group));
-      },
-      std::move(helper), std::move(icon_loaded_callback), target_task_runner);
-
-  helper_raw->set_finally(std::move(finally_callback));
-  helper_raw->StartReadIconRequest();
-}
-
-IconLoaderHelper::IconLoaderHelper(base::FilePath filename,
-                                   chrome::mojom::IconSize size)
-    : filename_(filename), size_(size) {
-  remote_read_icon_ = LaunchIconReaderInstance();
-  remote_read_icon_.set_disconnect_handler(base::BindOnce(
-      &IconLoaderHelper::OnConnectionError, base::Unretained(this)));
-}
-
-void IconLoaderHelper::StartReadIconRequest() {
-  remote_read_icon_->ReadIcon(
-      filename_, size_,
-      base::BindOnce(&IconLoaderHelper::OnReadIconExecuted,
-                     base::Unretained(this)));
-}
-
-void IconLoaderHelper::OnConnectionError() {
-  DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
-  if (finally_.is_null())
-    return;
-
-  gfx::Image image;
-  std::move(finally_).Run(std::move(image), filename_.value());
-}
-
-void IconLoaderHelper::OnReadIconExecuted(const gfx::ImageSkia& icon,
-                                          const base::string16& group) {
-  DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
-
-  gfx::Image image(icon);
-  std::move(finally_).Run(std::move(image), group);
-}
-
-}  // namespace
-
 // static
 IconLoader::IconGroup IconLoader::GroupForFilepath(
     const base::FilePath& file_path) {
@@ -135,23 +35,6 @@ scoped_refptr<base::TaskRunner> IconLoader::GetReadIconTaskRunner() {
   return base::ThreadPool::CreateCOMSTATaskRunner(traits());
 }
 
-void IconLoader::ReadGroup() {
-  group_ = GroupForFilepath(file_path_);
-
-  if (group_ == file_path_.value()) {
-    // Calls a Windows API that parses the file so must be sandboxed. Call on
-    // target sequence as we don't need COM in this process.
-    target_task_runner_->PostTask(
-        FROM_HERE,
-        base::BindOnce(&IconLoader::ReadIconInSandbox, base::Unretained(this)));
-  } else {
-    // Looks up generic icons for groups based only on the file's extension.
-    GetReadIconTaskRunner()->PostTask(
-        FROM_HERE,
-        base::BindOnce(&IconLoader::ReadIcon, base::Unretained(this)));
-  }
-}
-
 void IconLoader::ReadIcon() {
   int size = 0;
   switch (icon_size_) {
@@ -172,16 +55,16 @@ void IconLoader::ReadIcon() {
 
   SHFILEINFO file_info = { 0 };
   if (SHGetFileInfo(group_.c_str(), FILE_ATTRIBUTE_NORMAL, &file_info,
-                    sizeof(file_info),
-                    SHGFI_ICON | size | SHGFI_USEFILEATTRIBUTES)) {
+                     sizeof(SHFILEINFO),
+                     SHGFI_ICON | size | SHGFI_USEFILEATTRIBUTES)) {
     const SkBitmap bitmap = IconUtil::CreateSkBitmapFromHICON(file_info.hIcon);
     if (!bitmap.isNull()) {
       gfx::ImageSkia image_skia(
           gfx::ImageSkiaRep(bitmap, display::win::GetDPIScale()));
       image_skia.MakeThreadSafe();
       image = gfx::Image(image_skia);
+      DestroyIcon(file_info.hIcon);
     }
-    DestroyIcon(file_info.hIcon);
   }
 
   target_task_runner_->PostTask(
@@ -189,25 +72,3 @@ void IconLoader::ReadIcon() {
       base::BindOnce(std::move(callback_), std::move(image), group_));
   delete this;
 }
-
-void IconLoader::ReadIconInSandbox() {
-  chrome::mojom::IconSize size = chrome::mojom::IconSize::kNormal;
-  switch (icon_size_) {
-    case IconLoader::SMALL:
-      size = chrome::mojom::IconSize::kSmall;
-      break;
-    case IconLoader::NORMAL:
-      size = chrome::mojom::IconSize::kNormal;
-      break;
-    case IconLoader::LARGE:
-      size = chrome::mojom::IconSize::kLarge;
-      break;
-    default:
-      NOTREACHED();
-  }
-
-  IconLoaderHelper::ExecuteLoadIcon(base::FilePath(group_), size,
-                                    target_task_runner_, std::move(callback_));
-
-  delete this;
-}

chrome/browser/service_sandbox_type.h

@@ -34,21 +34,6 @@ content::GetServiceSandboxType<chrome::mojom::RemovableStorageWriter>() {
 #endif  // !defined(OS_WIN)
 }
 
-// chrome::mojom::UtilReadIcon
-#if defined(OS_WIN)
-namespace chrome {
-namespace mojom {
-class UtilReadIcon;
-}
-}  // namespace chrome
-
-template <>
-inline content::SandboxType
-content::GetServiceSandboxType<chrome::mojom::UtilReadIcon>() {
-  return content::SandboxType::kIconReader;
-}
-#endif  // defined(OS_WIN)
-
 // chrome::mojom::UtilWin
 #if defined(OS_WIN)
 namespace chrome {

chrome/browser/win/icon_reader_service.cc

-// Copyright 2020 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "chrome/browser/win/icon_reader_service.h"
-
-#include "chrome/browser/service_sandbox_type.h"
-#include "chrome/grit/generated_resources.h"
-#include "content/public/browser/service_process_host.h"
-
-mojo::Remote<chrome::mojom::UtilReadIcon> LaunchIconReaderInstance() {
-  return content::ServiceProcessHost::Launch<chrome::mojom::UtilReadIcon>(
-      content::ServiceProcessHost::Options()
-          .WithDisplayName(IDS_UTILITY_PROCESS_UTILITY_WIN_NAME)
-          .Pass());
-}

chrome/browser/win/icon_reader_service.h

-// Copyright 2020 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef CHROME_BROWSER_WIN_ICON_READER_SERVICE_H_
-#define CHROME_BROWSER_WIN_ICON_READER_SERVICE_H_
-
-#include "chrome/services/util_win/public/mojom/util_read_icon.mojom.h"
-#include "mojo/public/cpp/bindings/remote.h"
-
-// Spawns a new isolated instance of the Windows icon utility service and
-// returns a remote interface to it. The lifetime of the service process is tied
-// strictly to the lifetime of the returned Remote.
-mojo::Remote<chrome::mojom::UtilReadIcon> LaunchIconReaderInstance();
-
-#endif  // CHROME_BROWSER_WIN_ICON_READER_SERVICE_H_

chrome/services/util_win/BUILD.gn

@@ -10,8 +10,6 @@ source_set("lib") {
     "av_products.h",
     "processor_metrics.cc",
     "processor_metrics.h",
-    "util_read_icon.cc",
-    "util_read_icon.h",
     "util_win_impl.cc",
     "util_win_impl.h",
   ]

chrome/services/util_win/public/mojom/BUILD.gn

@@ -5,13 +5,7 @@
 import("//mojo/public/tools/bindings/mojom.gni")
 
 mojom("mojom") {
-  sources = [
-    "util_read_icon.mojom",
-    "util_win.mojom",
-  ]
+  sources = [ "util_win.mojom" ]
 
-  public_deps = [
-    "//mojo/public/mojom/base",
-    "//ui/gfx/image/mojom",
-  ]
+  public_deps = [ "//mojo/public/mojom/base" ]
 }

chrome/services/util_win/public/mojom/util_read_icon.mojom

-// Copyright 2020 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-module chrome.mojom;
-
-import "mojo/public/mojom/base/file_path.mojom";
-import "mojo/public/mojom/base/string16.mojom";
-import "ui/gfx/image/mojom/image.mojom";
-
-// Correspond to SHGFI_*ICON.
-enum IconSize {
-  kSmall,
-  kNormal,
-  kLarge,
-};
-
-// Utility process interface exposed to the browser process on OS_WIN. Allows
-// for sandboxing when reading icons from downloaded files.
-interface UtilReadIcon {
-  // Reads the primary icon from |file| using |size| as a hint.
-  ReadIcon(mojo_base.mojom.FilePath filename, IconSize size) =>
-      (gfx.mojom.ImageSkia? icon,  mojo_base.mojom.String16 group);
-};

chrome/services/util_win/util_read_icon.cc

-// Copyright 2020 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "chrome/services/util_win/util_read_icon.h"
-
-#include <windows.h>
-
-#include "base/files/file_path.h"
-#include "base/strings/string16.h"
-#include "mojo/public/cpp/bindings/strong_binding.h"
-#include "third_party/skia/include/core/SkBitmap.h"
-#include "ui/display/win/dpi.h"
-#include "ui/gfx/geometry/size.h"
-#include "ui/gfx/icon_util.h"
-#include "ui/gfx/image/image_skia.h"
-
-namespace {
-// Provides storage for icon handles.
-struct ScopedIconHandles {
- public:
-  explicit ScopedIconHandles(size_t n)
-      : handles(std::vector<HICON>(n, nullptr)),
-        resources(std::vector<UINT>(n, 0)) {}
-  ~ScopedIconHandles() {
-    for (HICON icon : handles) {
-      if (icon) {
-        DeleteObject(icon);
-      }
-    }
-  }
-
-  std::vector<HICON> handles;
-  std::vector<UINT> resources;
-};
-}  // namespace
-
-using chrome::mojom::IconSize;
-
-UtilReadIcon::UtilReadIcon(
-    mojo::PendingReceiver<chrome::mojom::UtilReadIcon> receiver)
-    : receiver_(this, std::move(receiver)) {}
-
-UtilReadIcon::~UtilReadIcon() = default;
-
-// This is exposed to the browser process only. |filename| is a path to
-// a downloaded file, such as an |.exe|.
-void UtilReadIcon::ReadIcon(const base::FilePath& filename,
-                            IconSize icon_size,
-                            ReadIconCallback callback) {
-  int size = 0;
-  // See IconLoader::IconSize.
-  switch (icon_size) {
-    case IconSize::kSmall:
-      size = 16;
-      break;
-    case IconSize::kNormal:
-      size = 32;
-      break;
-    case IconSize::kLarge:
-      size = 48;
-      break;
-    default:
-      NOTREACHED();
-  }
-
-  gfx::ImageSkia image_ret;
-
-  // Returns number of icons, or 0 on failure.
-  UINT nIcons = PrivateExtractIconsW(filename.value().c_str(), 0, 0, 0, nullptr,
-                                     nullptr, 0, 0);
-
-  if (nIcons == 0) {
-    std::move(callback).Run(std::move(image_ret), filename.value());
-    return;
-  }
-
-  ScopedIconHandles icons(nIcons);
-  UINT ret = PrivateExtractIconsW(filename.value().c_str(), 0, size, size,
-                                  icons.handles.data(), icons.resources.data(),
-                                  nIcons, 0);
-
-  if (ret != nIcons) {
-    std::move(callback).Run(std::move(image_ret), filename.value());
-    return;
-  }
-
-  // Use icon with lowest resource value, or first if no hints available.
-  UINT best = 0xFFFFFFFF;
-  HICON selected = icons.handles.at(0);
-  for (size_t i = 0; i < icons.handles.size(); i++) {
-    if (icons.resources.at(i) < best) {
-      best = icons.resources.at(i);
-      selected = icons.handles.at(i);
-    }
-  }
-
-  const SkBitmap bitmap = IconUtil::CreateSkBitmapFromHICON(selected);
-  if (!bitmap.isNull()) {
-    gfx::ImageSkia image_skia(
-        gfx::ImageSkiaRep(bitmap, display::win::GetDPIScale()));
-    image_skia.MakeThreadSafe();
-    image_ret = std::move(image_skia);
-  }
-
-  std::move(callback).Run(std::move(image_ret), filename.value());
-}

chrome/services/util_win/util_read_icon.h

-// Copyright 2020 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef CHROME_SERVICES_UTIL_WIN_UTIL_READ_ICON_H_
-#define CHROME_SERVICES_UTIL_WIN_UTIL_READ_ICON_H_
-
-#include "base/macros.h"
-#include "base/strings/string16.h"
-#include "chrome/services/util_win/public/mojom/util_read_icon.mojom.h"
-#include "mojo/public/cpp/bindings/pending_receiver.h"
-#include "mojo/public/cpp/bindings/receiver.h"
-
-class UtilReadIcon : public chrome::mojom::UtilReadIcon {
- public:
-  explicit UtilReadIcon(
-      mojo::PendingReceiver<chrome::mojom::UtilReadIcon> receiver);
-  ~UtilReadIcon() override;
-
- private:
-  // chrome::mojom::UtilReadIcon:
-  void ReadIcon(const base::FilePath& filename,
-                chrome::mojom::IconSize icon_size,
-                ReadIconCallback callback) override;
-
-  mojo::Receiver<chrome::mojom::UtilReadIcon> receiver_;
-
-  base::WeakPtrFactory<UtilReadIcon> weak_ptr_factory_{this};
-  DISALLOW_COPY_AND_ASSIGN(UtilReadIcon);
-};
-
-#endif  // CHROME_SERVICES_UTIL_WIN_UTIL_READ_ICON_H_

chrome/test/BUILD.gn

@@ -885,7 +885,6 @@ if (!is_android) {
       "../browser/heavy_ad_intervention/heavy_ad_helper_browsertest.cc",
       "../browser/history/history_browsertest.cc",
       "../browser/history/redirect_browsertest.cc",
-      "../browser/icon_loader_browsertest.cc",
       "../browser/idle/idle_browsertest.cc",
       "../browser/iframe_browsertest.cc",
       "../browser/image_fetcher/image_fetcher_impl_browsertest.cc",

chrome/utility/DEPS

@@ -15,7 +15,6 @@ include_rules = [
   "+chrome/services/removable_storage_writer",
   "+chrome/services/sharing",
   "+chrome/services/speech/speech_recognition_service_impl.h",
-  "+chrome/services/util_win/util_read_icon.h",
   "+chrome/services/util_win/util_win_impl.h",
   "+chrome/services/util_win/public/mojom",
   "+chromeos/assistant/buildflags.h",

chrome/utility/services.cc

@@ -25,9 +25,7 @@
 #include "printing/buildflags/buildflags.h"
 
 #if defined(OS_WIN)
-#include "chrome/services/util_win/public/mojom/util_read_icon.mojom.h"
 #include "chrome/services/util_win/public/mojom/util_win.mojom.h"
-#include "chrome/services/util_win/util_read_icon.h"
 #include "chrome/services/util_win/util_win_impl.h"
 #include "components/services/quarantine/public/cpp/quarantine_features_win.h"  // nogncheck
 #include "components/services/quarantine/public/mojom/quarantine.mojom.h"  // nogncheck
@@ -128,11 +126,6 @@ auto RunQuarantineService(
 auto RunWindowsUtility(mojo::PendingReceiver<chrome::mojom::UtilWin> receiver) {
   return std::make_unique<UtilWinImpl>(std::move(receiver));
 }
-
-auto RunWindowsIconReader(
-    mojo::PendingReceiver<chrome::mojom::UtilReadIcon> receiver) {
-  return std::make_unique<UtilReadIcon>(std::move(receiver));
-}
 #endif  // defined(OS_WIN)
 
 #if !defined(OS_ANDROID)
@@ -275,7 +268,6 @@ mojo::ServiceFactory* GetMainThreadServiceFactory() {
 #if defined(OS_WIN)
     RunQuarantineService,
     RunWindowsUtility,
-    RunWindowsIconReader,
 #endif  // defined(OS_WIN)
 
 #if BUILDFLAG(ENABLE_PRINTING) && defined(OS_CHROMEOS)

content/browser/utility_process_host.cc

@@ -81,7 +81,6 @@ class UtilitySandboxedProcessLauncherDelegate
         sandbox_type_ == service_manager::SandboxType::kXrCompositing ||
         sandbox_type_ == service_manager::SandboxType::kProxyResolver ||
         sandbox_type_ == service_manager::SandboxType::kPdfConversion ||
-        sandbox_type_ == service_manager::SandboxType::kIconReader ||
 #endif
         sandbox_type_ == service_manager::SandboxType::kUtility ||
         sandbox_type_ == service_manager::SandboxType::kNetwork ||
@@ -152,31 +151,6 @@ class UtilitySandboxedProcessLauncherDelegate
       return true;
     }
 
-    if (sandbox_type_ == service_manager::SandboxType::kIconReader) {
-      policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS,
-                            sandbox::USER_LOCKDOWN);
-      policy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_UNTRUSTED);
-      policy->SetIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW);
-      policy->SetLockdownDefaultDacl();
-      policy->SetAlternateDesktop(true);
-
-      sandbox::MitigationFlags flags = policy->GetDelayedProcessMitigations();
-      flags |= sandbox::MITIGATION_DYNAMIC_CODE_DISABLE;
-      if (sandbox::SBOX_ALL_OK != policy->SetDelayedProcessMitigations(flags))
-        return false;
-
-      // Allow file read. These should match IconLoader::GroupForFilepath().
-      policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
-                      sandbox::TargetPolicy::FILES_ALLOW_READONLY,
-                      L"\\??\\*.exe");
-      policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
-                      sandbox::TargetPolicy::FILES_ALLOW_READONLY,
-                      L"\\??\\*.dll");
-      policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
-                      sandbox::TargetPolicy::FILES_ALLOW_READONLY,
-                      L"\\??\\*.ico");
-    }
-
     if (sandbox_type_ == service_manager::SandboxType::kXrCompositing &&
         base::FeatureList::IsEnabled(service_manager::features::kXRSandbox)) {
       // There were issues with some mitigations, causing an inability

services/service_manager/sandbox/sandbox_type.cc

@@ -27,7 +27,6 @@ bool IsUnsandboxedSandboxType(SandboxType sandbox_type) {
           service_manager::features::kXRSandbox);
     case SandboxType::kProxyResolver:
     case SandboxType::kPdfConversion:
-    case SandboxType::kIconReader:
       return false;
 #endif
     case SandboxType::kAudio:
@@ -119,7 +118,6 @@ void SetCommandLineFlagsForSandboxType(base::CommandLine* command_line,
     case SandboxType::kXrCompositing:
     case SandboxType::kProxyResolver:
     case SandboxType::kPdfConversion:
-    case SandboxType::kIconReader:
 #endif  // defined(OS_WIN)
 #if defined(OS_CHROMEOS)
     case SandboxType::kIme:
@@ -242,8 +240,6 @@ std::string StringFromUtilitySandboxType(SandboxType sandbox_type) {
       return switches::kProxyResolverSandbox;
     case SandboxType::kPdfConversion:
       return switches::kPdfConversionSandbox;
-    case SandboxType::kIconReader:
-      return switches::kIconReaderSandbox;
 #endif  // defined(OS_WIN)
 #if defined(OS_CHROMEOS)
     case SandboxType::kIme:
@@ -296,8 +292,6 @@ SandboxType UtilitySandboxTypeFromString(const std::string& sandbox_string) {
     return SandboxType::kProxyResolver;
   if (sandbox_string == switches::kPdfConversionSandbox)
     return SandboxType::kPdfConversion;
-  if (sandbox_string == switches::kIconReaderSandbox)
-    return SandboxType::kIconReader;
 #endif
   if (sandbox_string == switches::kAudioSandbox)
     return SandboxType::kAudio;

services/service_manager/sandbox/sandbox_type.h

@@ -30,9 +30,6 @@ enum class SandboxType {
 
   // The PDF conversion service process used in printing.
   kPdfConversion,
-
-  // The icon reader service.
-  kIconReader,
 #endif
 
 #if defined(OS_FUCHSIA)

services/service_manager/sandbox/switches.cc

@@ -36,7 +36,6 @@ const char kVideoCaptureSandbox[] = "video_capture";
 const char kPdfConversionSandbox[] = "pdf_conversion";
 const char kProxyResolverSandbox[] = "proxy_resolver";
 const char kXrCompositingSandbox[] = "xr_compositing";
-const char kIconReaderSandbox[] = "icon_reader";
 #endif  // OS_WIN
 
 #if defined(OS_CHROMEOS)

services/service_manager/sandbox/switches.h

@@ -35,7 +35,6 @@ SERVICE_MANAGER_SANDBOX_EXPORT extern const char kVideoCaptureSandbox[];
 SERVICE_MANAGER_SANDBOX_EXPORT extern const char kPdfConversionSandbox[];
 SERVICE_MANAGER_SANDBOX_EXPORT extern const char kProxyResolverSandbox[];
 SERVICE_MANAGER_SANDBOX_EXPORT extern const char kXrCompositingSandbox[];
-SERVICE_MANAGER_SANDBOX_EXPORT extern const char kIconReaderSandbox[];
 #endif  // OS_WIN
 
 #if defined(OS_CHROMEOS)

services/service_manager/sandbox/win/sandbox_win.cc

@@ -953,8 +953,7 @@ sandbox::ResultCode SandboxWin::StartSandboxedProcess(
   if (!cmd_line->HasSwitch(switches::kAllowThirdPartyModules))
     mitigations |= sandbox::MITIGATION_FORCE_MS_SIGNED_BINS;
   if (sandbox_type == SandboxType::kNetwork ||
-      sandbox_type == SandboxType::kAudio ||
-      sandbox_type == SandboxType::kIconReader) {
+      sandbox_type == SandboxType::kAudio) {
     mitigations |= sandbox::MITIGATION_DYNAMIC_CODE_DISABLE;
   }
   // TODO(wfh): Relax strict handle checks for network process until root cause
@@ -1130,8 +1129,6 @@ std::string SandboxWin::GetSandboxTypeInEnglish(SandboxType sandbox_type) {
       return "Sharing";
     case SandboxType::kVideoCapture:
       return "Video Capture";
-    case SandboxType::kIconReader:
-      return "Icon Reader";
   }
 }